I want to begin to use Tor Browser (on Windows) but before I need to know some issues. I have read Tor's six pillars and one of that is "Don't enable or install browser plugins". So my doubt is: does it include "normal" add-ons?

With "normal" addons I refer to extensions like Diigo Extension, Buffer, Zotero, Color Picker... I need some of them to work and improve my self-management.

Everything I have read is about plugins: VLC, RealPlayer, Flash, Java... But nothing about Firefox Add-ons.

From the perspective of using them in Tor, I don't think there's any distinction between a plugin and an addon. In the least, they will all reduce your anonymity by adding to your browser's fingerprint. The general recommendation is to not use them. Have a read of tor.stackexchange.com/questions/1225/…
– Richard HorrocksOct 15 '15 at 8:42

I understand. Thank you for your help @RichardHorrocks.
– IvanhercazOct 17 '15 at 0:36

@RichardHorrocks: See the answer. Plugins are easily detectable (as of SuperUser link), addons not so. Please reply if you disagree.
– serv-incJan 18 '16 at 11:11

1

Thanks for pointing that out - it does appear that add-ons are difficult to detect :) I'd still recommend against them, even if not because of the fingerprinting issue. If the add-on isn't open source, you have know way to know what the code might be doing, which could include revealing your IP address.
– Richard HorrocksJan 20 '16 at 18:18

It's not about quantity of add-ons - it's possible to have 1000 normal add-ons and be untracked, but you can have just one bad quality one - and you're owned.
– Alexey VesninJan 11 '16 at 1:37

@AlexeyVesnin that i wanted to say with the first abstract... but with more and more add-ons the possibility increases that you got one "bad" add-on! -- and well... people who check every add-on before installing, won't ask such a question! ;-)
– DJCrashdummyJan 11 '16 at 8:37

1

Actually there's a relatively short list of must-have add-ons, so it's not so difficult to check them all
– Alexey VesninJan 11 '16 at 9:01

"addons can not be detected by default" is slightly misleading. There is no API that reports installed addons, like there is for plugins but many addons will affect the behaviour of the browser and due to this those can be detected.
– cacahuatlJul 20 '16 at 19:55

Just keep in mind that whether you use plugins or addons, many of them perform background operations communicating with remote servers. Unless you know exactly where the traffic is going and coming from as well as the transport layer being used to transmit and receive the data associated with the plugin or addon, you can't be sure that what is passing to and from your system is being channeled through tor and the corresponding relays. Without knowing all of that, it's best to keep the plugin and addon usage down to a minimum if using at all. I would recommend to refrain from using any while navigating with/through tor, and revisit where you can later with the standard browser when not connected through the tor network if you want or need to used any plugins or addons. Of course that would exclude any tor specific network locations such as .onion sites, but I'm sure you'd hate to expose yourself when you're trying to be anonymous. It's definitely a sticky situation, but always better to exercise caution when unsure (aka better safe than sorry). Some of the comments above are really useful such as reviewing a short list of must-have add-ons to keep them down to a minimum and to know that they are safe. ~RM

"Some of the comments above are really useful such as reviewing a short list of must-have add-ons to keep them down to a minimum and to know that they are safe." Was there a link to see what add on suggestions those may be? Thanks!
– ginblossomOct 14 '18 at 12:30